Amazon

Wednesday, 1 April 2015

Track Advice Notification: Consignment Australia Post

Track Advice Notification: Consignment Australia Post  malware....


Headers: (example)
Subject: Track Advice Notification: Consignment RYR7195355
From: "Australia Post" {noreply@auspost.com.au}

Message body (example)
Your parcel (1) has been dispatched with Australia Post.


The courier company was not able to deliver your parcel by your address.


Label is enclosed to the letter.
Print a label and show it at your post office.


Label: RYR7195355


To view/download your label please click here or follow the link below :


https://eparceltrack.auspost.com.au/external/webui/aspx?LabelCode=label_7195355



**Please note that this is an automatically generated email - replies will not be answered.
The above link, actually download a Zip file:
https://www.cubbyusercontent.com/pl/RYR5601763.zip/_33cdead4ebfe45179a32ee175b49c399

Inside the zip, is Windows executable:
RYR5601763.scr
Sha256 Hashes:
7ac09282cc511758e59c72521151071b3feef7824aa25be51cb0e640ed747d98  [1]
Malware Information:

VirusTotal Report [1] (hits 13/57 Virus Scanners)

Malwr Report [1]

Hybrid Analysis Report [1]

Cheers,

Steve
Sanesecurity.com

1 comment:

Anonymous said...

Just got one of these! Thanks for the warning.